= = = = = = = = ======================================================================== Please excuse multiple copies of this message. = = = = = = = = ======================================================================== Call for Papers: ACM CCS WORKSHOPS co-located with the 16th ACM Conference on Computer and Communications Security (CCS) 2009 Nov. 9, 2009 - Nov. 13, 2009 -- Chicago, IL, USA http://www.sigsac.org/ccs/CCS2009/ = = = = = = = = ======================================================================== *** Workshop submissions due: June 12, 2009 *** [ please check individual workshop pages for possible deadline extensions ] = = = = = = = = ======================================================================== Workshop on Assurable & Usable Security Configuration (SafeConfig) http://www.arc.cs.depaul.edu/~ehab/ccs/safeconfig09/ A typical enterprise network might have hundreds of security devices such as firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization/RBAC servers and crypto systems. These must be logically integrated into a security architecture satisfying security goals at and across multiple networks. Logical integration is accomplished by consistently setting thousands of configuration variables and rules on the devices. The configuration must be constantly adapted to optimize protection and block prospective attacks. The configuration must be tuned to balance security with usability. These challenges are compounded by the deployment of mobile devices and ad hoc networks. The resulting security configuration complexity places a heavy burden on both regular users and experienced administrators and dramatically reduces overall network assurability and usability. The workshop will bring together academic as well as industry researchers to exchange experiences, discuss the major challenges and present future solutions to offer manageable and usable security. = = = = = = = = ======================================================================== Workshop on Digital Rights Management (DRM 2009) http://www.almaden.ibm.com/cs/people/hongxia-jin/DRM2009/ The ACM Workshop on Digital Rights Management is an international forum that serves as an interdisplinary bridge between areas that can be applied to solving the problem of Intellectual Property protection of digital content. These include: cryptography, software and computer systems design, trusted computing, information and signal processing, intellectual property law, policy-making, as well as business analysis and economics. Its purpose is to bring together researchers from the above fields for a full day of formal talks and informal discussions, covering new results that will spur new investigations regarding the foundations and practices of DRM. = = = = = = = = ======================================================================== Workshop on Virtual Machine Security (VMSec 2009) http://csis.gmu.edu/VMSec09/ This workshop, the first of its kind to deal exclusively with virtual machine security, will tackle the important research topics in virtualization security. This workshop aims to bring together leading researchers in the fields of virtualization and security to present the latest work on these topics. = = = = = = = = ======================================================================== Workshop on Security and Artificial Intelligence (AISec 2009) http://www.aisec.info/ This workshop is to facilitate an exchange of ideas between these AI and Security and promote security and privacy solutions that leverage AI technologies. Topics of interest include, but are not limited to AI-informed approaches to: Spam and botnet detection, malware identification, insider threat detection, incentives in security/privacy systems, phishing, and others. = = = = = = = = ======================================================================== Workshop on Secure Execution of Untrusted Code (SecuCode 2009) http://www.docomoeurolabs.de/secucode The workshop aims at bringing together researchers and practitioners from industry and academia working on the protection of software systems against untrusted code. Untrusted applications should only access those resources and only call those functions that are considered as non-security-critical. Topics of interest include security for intermediate languages like Java or .NET and interpreted languages like Python or PHP, runtime monitoring, static analysis and security architectures. = = = = = = = = ======================================================================== Workshop on Privacy in the Electronic Society (WPES 2009) http://wpes09.unibg.it/ The increased power and interconnectivity of computer systems available today create the ability to store and process large amounts of data, resulting in networked information accessible from anywhere at any time. It is becoming easier to collect, exchange, access, process, and link information. This global scenario has inevitably resulted in an increasing degree of awareness with respect to privacy. Privacy issues have been the subject of public debates, and the need for privacy-aware policies, regulations, and techniques has been widely recognized. The goal of this workshop is to discuss the problems of privacy in the global interconnected societies and possible solutions to them. = = = = = = = = ======================================================================== Workshop on Cloud Computing Security (CCSW 2009) http://crypto.cs.stonybrook.edu/ccsw09/ The CCSW workshop aims to bring together researchers and practitioners in all security aspects of cloud-centric and outsourced computing. How exactly grid, cloud, utility computing etc will look like tomorrow is still for the markets to decide, yet one thing is certain: clouds bring with them new untested deployment and associated adversarial models and vulnerabilities. It is essential that our community becomes involved at this early stage. = = = = = = = = ======================================================================== Workshop on Data Mining for Fraud Detection Workshop (DMFD 2009) https://sites.google.com/site/dmfd09/ This workshop focuses on data mining techniques that can be applied to organizational data to reveal fraudulent activity. We seek to foster a greater exchange between data mining researchers and fraud detection professionals. As fraud activity is highly context-dependent, context-agnostic submission is highly encouraged. = = = = = = = = ======================================================================== Workshop on Digital Identity Management (DIM 2009) http://www2.pflab.ecl.ntt.co.jp/dim2009 This workshop will explore critical issues concerning identity management technologies for the information society. Existing solutions are not necessarily interoperable or complementary, and sometimes overlap. Thus it is critical to lay foundations for a holistic understanding of problem areas and approaches to innovative solutions. The goal of this workshop is to share the latest findings, identify key challenges, inspire debates, and foster collaboration between industries and academia towards interoperable identity service infrastructures. = = = = = = = = ======================================================================== Workshop on Information Security Governance (WISG 2009) http://ait.gmu.edu/~csis/wisg2009/ Information Security Governance is to establish a framework to drive implementation of effective information security strategies in organizations involving risk management, reporting, and accountability. Recent changes in business environment such as outsourcing, global supply chain, and cross organizational collaborations is forcing users to access and retrieve business data across organizational boundaries. This is making data governance in enterprise intractable. These new disruptive trends will greatly change the notions of the information security governance calling for more fine-grained, data-centric, and risk-adjusted governance models with the innovative implementation technologies. = = = = = = = = ======================================================================== Workshop on Scalable Trusted Computing (STC 2009) http://projects.cerias.purdue.edu/stc2009/ Built on the continuous success of ACM STC'06, STC'07 and STC'08, this workshop focuses on fundamental technologies of trusted computing (in a broad sense, with or without TPMs) and its applications in large-scale systems -- those involving large number of users and parties with varying degrees of trust. The workshop is intended to serve as a forum for researchers as well as practitioners to disseminate and discuss recent advances and emerging issues. = = = = = = = = ======================================================================== Workshop on Secure Web Services (SWS 2009) http://sesar.dti.unimi.it/SWS09 The SWS workshop explores many topics related to Web Services Security, ranging from the advancement and best practices of building block technologies such as XML and Web services security protocols to higher level issues such as advanced metadata, general security policies, trust establishment, risk management, and service assurance. The workshop provides a forum for presenting research results, practical experiences, and innovative ideas in web services security. = = = = = = = = ======================================================================== Workshop on Security and Privacy in Medical and Home-Care Systems (SPIMACS 2009) http://www.infosecon.net/SPIMACS/ SPIMACS (pronounced spy-max) seeks to bring together the computer and social scientists that will be required to address the challenges of securing the intimate digital spaces of the most vulnerable. We invite papers which analyze the use of technologies at home, the challenges of design targeted at a population with cognitive decline, design for the disable with a focus on medical and home support when these projects have a primary or at least significant focus on privacy and security. Papers explaining the data constraints and controls on data from policy, ethical or legal perspectives are also welcome. = = = = = = = = ========================================================================